Chiebot-Mirror/boringssl - boringssl - Gitea: Git with a cup of tea

Author	SHA1	Message	Date
David Benjamin	03cae7a2b3	Keep EVP_CIPHER/EVP_MD lookup and do_all functions in sync Node seems uncommonly sensitive to this, so let's write these functions in a way that stays in sync and test this. See also https://boringssl-review.googlesource.com/c/boringssl/+/49585 This does incur a cost across all BoringSSL consumers that use these functions: as a result of Node indiscriminately exposing every cipher, we end up pulling more and more ciphers into these getters. But that ship sailed long ago, so, instead, document that EVP_get_cipherby* should not be used by size-conscious callers. EVP_get_digestby* probably should have the same warning, but I've left it alone for now because we don't quite have the same proliferation of digests as ciphers. (Though there are things in there, like MD4, that ought to be better disconnected.) Change-Id: I61ca406c146279bd05a52bed6c57200d1619c5da Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/49625 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: Adam Langley <agl@google.com>	3 years ago
David Benjamin	a3aeea7c77	Remove block_mask from EVP_CIPHER_CTX. This may as well be computed from block_size. This reduces the per-EVP_CIPHER_CTX memory usage slightly. Update-Note: It doesn't look like anyone is reading into this field. If they are, we can ideally fix it, or revert this if absolutely necessary. Change-Id: Ieef9177bed1671efca23d4f94d3d528f82568fc6 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/45884 Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: Adam Langley <agl@google.com>	4 years ago
David Benjamin	e7c0c9734f	Don't overflow the output length in EVP_CipherUpdate calls. CVE-2021-23840 (Imported from upstream's 6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1.) This differs slightly from upstream's version: - EVP_R_OUTPUT_WOULD_OVERFLOW didn't seem necessary when ERR_R_OVERFLOW already exists. (Also since we use CIPHER_R_, it wouldn't have helped with compatibility anyway. Though there's probably something to be said for us folding CIPHER_R_ back into EVP_R_*.) - For simplicity, just check in_len + bl at the top, rather than trying to predict the exact number of bytes written. Update-Note: Passing extremely large input lengths into EVP_CipherUpdate will now fail. Use EVP_AEAD instead, which is size_t-based and has more explicit output bounds. Change-Id: I31835c89dcdecb6b112828f57deb798dc7187db5 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/45685 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: David Benjamin <davidben@google.com>	4 years ago
Adam Langley	5dd18d017d	A handful more compatibility functions. Change-Id: I814f55742910c519e9b64aca1b15a4d754adc541 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/44944 Commit-Queue: Adam Langley <agl@google.com> Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: David Benjamin <davidben@google.com>	4 years ago
Adam Langley	76164b1bc9	Add some OpenSSL-compatibility aliases Change-Id: I808f37c2980e36843b5b5d29174b4f27a030738a Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/44924 Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: David Benjamin <davidben@google.com>	4 years ago
Adam Langley	5eeaf3029d	Add some accommodations for FreeRDP Change-Id: Iad962fd50ede78eb94e10ba2438163509c4587e0 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/42924 Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: David Benjamin <davidben@google.com>	4 years ago
Adam Langley	fb0c05cac2	acvp: add CMAC-AES support. Change by Dan Janni. Change-Id: I3f059e7b1a822c6f97128ca92a693499a3f7fa8f Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/41984 Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: David Benjamin <davidben@google.com>	4 years ago